

import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.binary.StringUtils;
import org.apache.commons.lang3.ArrayUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.encoders.HexEncoder;
import org.bouncycastle.util.encoders.HexTranslator;

import java.io.FileInputStream;
import java.io.InputStream;

import java.lang.reflect.Array;
import java.security.*;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.*;

public class SignCert
{
    private static String certPath="e:/代码签名证书[MaxWoods].pfx";

    public static  void main(String[] args) throws Exception{
        Security.addProvider(new BouncyCastleProvider());
        InputStream inStream = new FileInputStream(certPath);
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(inStream, "Dozer@@@".toCharArray());
        Enumeration<String> enums=keyStore.aliases();
        String keyAlias = null;
        if (enums.hasMoreElements()) // we are readin just one certificate.
        {
            keyAlias = (String)enums.nextElement();
            System.out.println("alias=[" + keyAlias + "]");
        }
        // Now once we know the alias, we could get the keys.
        System.out.println("is key entry=" + keyStore.isKeyEntry(keyAlias));
        PrivateKey prikey = (PrivateKey) keyStore.getKey(keyAlias, "Dozer@@@".toCharArray());
        Certificate cert = keyStore.getCertificate(keyAlias);
        PublicKey pubkey = cert.getPublicKey();
        System.out.println("cert class = " + cert.getClass().getName());
        System.out.println("cert = " + cert);
        System.out.println("public key = " + pubkey);
        System.out.println("private key = " + prikey);
        Signature rsa=Signature.getInstance("SHA1withRSA");
        rsa.initSign(prikey);
        byte[] data="1234567890".getBytes("UTF-8");
        rsa.update(data);
        byte[] signdata=rsa.sign();
        ArrayUtils.reverse(signdata);
        String hex= Hex.encodeHexString(signdata);
        System.out.println(hex);
        //
        PublicKey pub = cert.getPublicKey();
        rsa.initVerify(pub);
        rsa.update(data);
        ArrayUtils.reverse(signdata);
        boolean verifies=rsa.verify(signdata);
        System.out.println(verifies);
        //
//        CertificateFactory cf = CertificateFactory.getInstance("X.509");
//        //创建证书对象
//        X509Certificate cert = (X509Certificate)cf.generateCertificate(inStream);
//        inStream.close();
//        X509Certificate cerx509 = (X509Certificate) cert;
//        String info = String.valueOf(cerx509.getVersion());
//        System.out.println("证书版本：:"+info);
//        List<X509Certificate> certList = new ArrayList<X509Certificate>();
//        certList.add(cerx509);
//        PublicKey pub = cert.getPublicKey();
//        Signature rsa= Signature.getInstance("SHA1withRSA");
//        rsa.initVerify(pub);
//        String data="1234567890";
//        byte[] dataBytes=data.getBytes("UTF-8");
//        rsa.update(dataBytes);

    }
}
